	<?php
	
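	$messageStack->reset();

	global $db;

	// Shared secret of the SecurePayment module. It is appended to the signed
	// fields before hashing (see $signature below).
	$keys = MODULE_PAYMENT_SECUREPAYMENT_ENCRYPTION_KEY;

	// Every callback parameter is untrusted until the signature has been verified.
	// $_REQUEST merges the query string and POST body (and cookies, depending on
	// request_order), and any entry may be missing or an array. Only plain strings
	// are accepted; anything else becomes '' so it can never match a signature.
	$securepaymentParams = array();
	foreach (array('dealOrder', 'dealFee', 'dealState', 'dealSignure', 'dealId') as $securepaymentName) {
		$securepaymentParams[$securepaymentName] =
			(isset($_REQUEST[$securepaymentName]) && is_string($_REQUEST[$securepaymentName]))
				? $_REQUEST[$securepaymentName]
				: '';
	}
	$dealOrder   = $securepaymentParams['dealOrder'];
	$dealFee     = $securepaymentParams['dealFee'];
	$dealState   = $securepaymentParams['dealState'];
	$dealSignure = $securepaymentParams['dealSignure'];
	$dealId      = $securepaymentParams['dealId'];
	unset($securepaymentParams, $securepaymentName);

	// The order id reaches SQL *before* the signature can be checked, so it must not
	// be concatenated into the statement as raw request text (SQL injection). Only an
	// all-digit value is used; anything else is queried as 0.
	// NOTE(review): assumes orders_id is an integer key and that no order has id 0 - confirm.
	$securepaymentOrderId = (preg_match('/\A[0-9]+\z/', $dealOrder) === 1) ? (int) $dealOrder : 0;
	$fetch_sql = "select * from " . TABLE_ORDERS . " where orders_id = '" . $securepaymentOrderId . "'";
	$result = $db->Execute($fetch_sql);

	// The signed order id is the one read back from the database, not the request value.
	// When no row matched it is the empty string.
	$dealOrder2 = ($result->RecordCount() > 0) ? $result->fields['orders_id'] : '';

	// Expected signature: sha256(order id . state . shared key).
	// NOTE(review): dealFee and dealId are not part of the signed string, so they are
	// unauthenticated even after a successful check - do not rely on them without
	// confirming the gateway's signing specification.
	// NOTE(review): this is a plain hash over data||key rather than an HMAC; the format
	// is presumably dictated by the gateway, so it is left unchanged here.
	$Strs = $dealOrder2 . $dealState;
	$signature = hash('sha256', $Strs . $keys);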
	
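	// Accept the callback only when an order row was found and the received signature
	// equals the locally computed one. hash_equals() is a timing-safe string comparison
	// and, unlike ==, never compares two numeric-looking strings (e.g. "0e...") as numbers.
	// NOTE(review): $dealState is not inspected, so any state carrying a valid signature
	// marks the order as paid - confirm which states the gateway signs.
	if (is_string($dealSignure) && is_string($signature) && (string) $dealOrder2 !== '' && hash_equals($signature, $dealSignure))
	{
		// Resolve the order status to apply: 'SecurePayment[Paid]' first, then
		// 'SecurePayment[Payment Received]' as a fallback. Stays 0 when neither exists.
		$default_status_id = 0;
		$fetch_sql = "select orders_status_id from " . TABLE_ORDERS_STATUS . " where orders_status_name='SecurePayment[Paid]' LIMIT 1";
		$result1 = $db->Execute($fetch_sql);
		if ($result1->RecordCount() < 1) {
			$fetch_sql = "select orders_status_id from " . TABLE_ORDERS_STATUS . " where orders_status_name='SecurePayment[Payment Received]' LIMIT 1";
			$result2 = $db->Execute($fetch_sql);
			if ($result2->RecordCount() > 0) {
				$default_status_id = (int) $result2->fields['orders_status_id'];
			}
		} else {
			$default_status_id = (int) $result1->fields['orders_status_id'];
		}

		// NOTE(review): this compares a status id with an order id, which looks
		// unintended; kept as found because the intended condition is not visible here.
		if ($default_status_id == $result->fields['orders_id']) {
			$messageStack->add_session('payment_result', 'Your order completed successfully! You will receive a email concerning your order processing! Thank you for shopping with us!', 'success');
		}

		// Mark the order as paid. Both values are cast to int before they enter the SQL.
		// The original echoed each statement (and the query result) into the HTTP
		// response, exposing table names and ids to whoever calls this endpoint; that
		// debug output is removed. The update is skipped when no status row was found.
		if ($default_status_id > 0) {
			$sql = "UPDATE " . TABLE_ORDERS . " SET orders_status = '" . $default_status_id . "' where orders_id = '" . (int) $dealOrder2 . "' ";
			$db->Execute($sql);
		}

		// NOTE(review): the original also built two UPDATE statements against
		// TABLE_ORDERS_STATUS_HISTORY (orders_status_id and customer_notified = '1' for
		// this orders_id) but their Execute() calls were commented out. They stay disabled.

		// NOTE(review): this die() looks like a debugging leftover. While it is here, the
		// e-mail, session clean-up and success message below never run. It is kept
		// because enabling that code changes what the callback does and needs a test pass.
		die();

		// ---- unreachable while the die() above is present ----

		// Escapes a database value for the HTML e-mail body. ISO-8859-1 matches the
		// charset declared in the Content-type header below and accepts every byte.
		$securepaymentEsc = function ($value) {
			return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1');
		};

		//build email output:
		//Products details area
		$fetch_sql23 = "select * from " . TABLE_ORDERS_PRODUCTS . " where orders_id='" . (int) $dealOrder2 . "' ORDER BY orders_products_id ASC";
		$result11 = $db->Execute($fetch_sql23);
		$records = $result11->RecordCount();
		$i = 0;
		$message2 = null;
		$orders_products_id = $result11->fields['orders_products_id'];
		// NOTE(review): the loop assumes the order's product rows have consecutive ids
		// and runs once even when there are no rows - verify before re-enabling.
		do {
			$fetch_sql = "select * from " . TABLE_ORDERS_PRODUCTS . " where orders_id='" . (int) $dealOrder2 . "' AND  orders_products_id='" . (int) $orders_products_id . "'";
			$result10 = $db->Execute($fetch_sql);
			$message2 .= $result10->fields['products_quantity'] . ' x ' . $result10->fields['products_name'] . ' = ' . $_SESSION['currency'] . $result10->fields['products_quantity'] * $result10->fields['final_price'] . '<br />';
			$i++;
			$orders_products_id++;
		} while ($i < $records);

		//Totals area
		$fetch_sql24 = "select * from " . TABLE_ORDERS_TOTAL . " where orders_id='" . (int) $dealOrder2 . "'";
		$result14 = $db->Execute($fetch_sql24);
		$records = $result14->RecordCount();
		$y = 0;
		$message3 = null;
		$orders_total_id = $result14->fields['orders_total_id'];
		// NOTE(review): same consecutive-id assumption as the products loop above.
		do {
			$fetch_sql = "select * from " . TABLE_ORDERS_TOTAL . " where orders_total_id='" . (int) $orders_total_id . "' ORDER BY orders_total_id ASC";
			$result19 = $db->Execute($fetch_sql);
			$message3 .= $result19->fields['title'] . ' = ' . $result19->fields['text'] . '<br />';
			$y++;
			$orders_total_id++;
		} while ($y < $records);

		// NOTE(review): the include path is built from a session value; confirm that
		// $_SESSION['language'] is only ever set server-side from the known language list.
		include (DIR_WS_LANGUAGES . $_SESSION['language'] . '/checkout_process.php');

		// subject
		$subject = EMAIL_TEXT_HEADER;

		// message - name and address fields are presumably customer-supplied at
		// checkout, so they are HTML-escaped before being placed in the HTML body.
		$message = EMAIL_TEXT_HEADER . EMAIL_TEXT_FROM . STORE_NAME . '<BR /><BR />' .
			$securepaymentEsc($result->fields['customers_name']) . '<BR /><BR />' .
			EMAIL_THANKS_FOR_SHOPPING . '<BR />' . EMAIL_DETAILS_FOLLOW . '<BR />' .
			EMAIL_SEPARATOR . '<BR />' .
			EMAIL_TEXT_ORDER_NUMBER . ' ' . ORDER_PREFIX . $dealOrder2 . '<BR />' .
			EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . '<BR />' .
			EMAIL_TEXT_INVOICE_URL . ' ' . zen_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $dealOrder2, 'SSL', false) . '<BR /><BR />';

		//products area
		$message .= EMAIL_TEXT_PRODUCTS . '<BR />' . EMAIL_SEPARATOR . '<BR />' . $message2 . EMAIL_SEPARATOR . '<BR />' . $message3;

		//delivery area
		$message .= '<BR />' . EMAIL_TEXT_DELIVERY_ADDRESS . '<BR />' .
			EMAIL_SEPARATOR . '<BR />' . $securepaymentEsc($result->fields['delivery_name']) . '<BR />' .
			$securepaymentEsc($result->fields['delivery_street_address']) . '<BR />' .
			$securepaymentEsc($result->fields['delivery_city']) . ', ' . $securepaymentEsc($result->fields['delivery_state']) . ' ' . $securepaymentEsc($result->fields['delivery_postcode']) . '<BR />' .
			$securepaymentEsc($result->fields['delivery_country']) . '<BR /><BR />';

		//billing address area
		$message .= '<BR />' . EMAIL_TEXT_BILLING_ADDRESS . '<BR />' .
			EMAIL_SEPARATOR . '<BR />' . $securepaymentEsc($result->fields['billing_name']) . '<BR />' .
			$securepaymentEsc($result->fields['billing_street_address']) . '<BR />' .
			$securepaymentEsc($result->fields['billing_city']) . ', ' . $securepaymentEsc($result->fields['billing_state']) . ' ' . $securepaymentEsc($result->fields['billing_postcode']) . '<BR />' .
			$securepaymentEsc($result->fields['billing_country']) . '<BR /><BR />';

		//payment method
		$message .= EMAIL_TEXT_PAYMENT_METHOD . '<BR />' .
			EMAIL_SEPARATOR . '<BR />' . 'Secure Payment' . '<BR />';
		// include disclaimer
		if (defined('EMAIL_DISCLAIMER') && EMAIL_DISCLAIMER != '') {
			$message .= "<BR />-----<BR />" . sprintf(EMAIL_DISCLAIMER, STORE_OWNER_EMAIL_ADDRESS) . '<BR /><BR />';
		}
		// include copyright
		if (defined('EMAIL_FOOTER_COPYRIGHT')) {
			$message .= "<BR />-----<BR />" . EMAIL_FOOTER_COPYRIGHT . '<BR /><BR />';
		}
		//end html body
		$message .= '
</body>
</html>';

		// Content-type header
		$headers  = 'MIME-Version: 1.0' . "\r\n";
		$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";

		// Recipients. The original passed an undefined $to to mail() and put the
		// addresses in an extra To: header instead. mail() emits To: from its first
		// argument, so the list is built here; CR/LF are stripped from the stored
		// customer address so it cannot add header lines.
		$to = str_replace(array("\r", "\n"), '', (string) $result->fields['customers_email_address']) . ', ' . STORE_OWNER_EMAIL_ADDRESS;
		$headers .= 'From: ' . STORE_OWNER_EMAIL_ADDRESS . "\r\n";

		// Mail it
		mail($to, $subject, $message, $headers);

		unset($_SESSION['order_summary']);
		unset($_SESSION['orders_id']);
		$_SESSION['cart']->reset(true);
		// unregister session variables used during checkout
		unset($_SESSION['sendto']);
		unset($_SESSION['billto']);
		unset($_SESSION['payment']);
		unset($_SESSION['shipping']);
		unset($_SESSION['comments']);

		//zen_redirect(zen_href_link(FILENAME_CHECKOUT_SUCCESS, ''));
		$messageStack->add_session('payment_result', 'Your order completed successfully! You will receive a email concerning your order processing! Thank you for shopping with us!', 'success');
	}
	else
	{
		// Signature missing or wrong, or no matching order: report failure and change nothing.
		$messageStack->add_session('payment_result', 'Oops...Your order payment failed! Please try again!', 'error');
	}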



		?>